IBM QRadar
Developed by Mimecast
Überblick
The Mimecast integration with IBM QRadar offers joint customers improved visibility into potential vulnerabilities, ongoing attacks, prioritized incident response alerts and an overall increased security posture through one single console.
With email remaining the number one attack vector, it’s more important than ever to bring email security data into a single platform. The Mimecast for IBM QRadar app offers organizations better detection and alerting before, during and after an attack. Integrating Mimecast data into the IBM QRadar security intelligence platform through the Mimecast data logging API allows email security data to be correlated against other data sources, and be included in behavioral anomaly detection helping to identify indicators of advanced threats in real-time, that would otherwise go unnoticed.
Mimecast and IBM customers can better predict and prioritize what vulnerabilities to remediate through improved visibility of attacks with highly focused alerts. These alerts allow security teams to respond faster and with more certainty which helps contain and limit the impact of an attack. Additionally, joint customers can benefit from an increased security posture by leveraging one single system for threat intelligence and response.
Release notes
What's New
Version 1.0.5
-Improved parser to handle the presence of special characters within the 'subject' field.
-Support for distributed QRadar environments. Admins can specify the IP address of the target event collector/processor on the Mimecast for QRadar App configuration page
-Improved OpenSSL key generation
-Mimecast Saved Searches have been assigned to a group
-Resolved a high resource consumption issue, where supervisord.log references as 'Too many open files'
-Updated minimum QRadar version to 7.3.1
Version: 1.0.4
- Integrate Mimecast security data
- Gateway, audit and Targeted Threat Protection logs
- Mimecast security data is mapped to QRadar event ID's
- Pre-defined searches for simpler data visibility
Featured Apps
Rapid7
by Rapid7
Rapid7 InsightConnect is your home for SecOps, equipping you with the visibility, analytics, and automation you need to unite your teams and amplify efficiency.
IBM QRadar
by Mimecast
The Mimecast integration with IBM QRadar offers joint customers improved visibility into potential vulnerabilities, ongoing attacks, prioritized incident response alerts and an overall increased security posture through one single console.
Splunk
by Mimecast
The Mimecast for Splunk Enterprise app helps you identify threats more quickly and respond faster. It does this by providing an easy way to add Mimecast gateway and audit events into your Splunk Enterprise environment.
LogRhythm
by Mimecast and LogRhythm
LogRhythm and Mimecast have developed an integration that combines email security with enterprise security and threat management.
Palo Alto Network’s Cortex
by Mimecast
Email remains the primary attack vector and the front line of incident detection, response and remediation. That’s why integrated email security controls are vital to completing your Cortex Data Lake solution.